CTF League - Inspect Yourself
Download/Access: http://inspect_yourself.ctf-league.osusec.org/
Description: Boss told me to share my to-do list with everyone else to hold me accountable or something. He gave me an hour so I didn’t have time to check but hopefully I didn’t leave anything sensitive on there…
Challenge 1
The only real information we were given going into this challenge is the website and the name of the challenge. Since we were not given much info, the first thing you should do when looking for a flag on a website is to either view the page source code or inspect it. Because the name of the challenge is “Inspect Yourslef”, I think inspecting it first is a good idea.
Here’s how you do it:
- Right-click on the page
- Select Inspect
And what do you know! Right off the bat there’s flag 1! Now remove the comment tags and be on your way
osu{7h3_l157_k33p5_g3771ng_l0ng3r}
Challenge 2
For this challenge, we were given a bit more information with the mention of “cookies”.
Here’s how you view a website’s cookies
- While still on the Inspect page, click the storage tag
- On the left, there should be a cookies drop down, make sure you click it
- Select the first (and only) cookie there
Huh, that’s weird… the cookie has a name of “notflag”. I think we should investigate that more.
Here’s the value of the cookie: b3N1ezNuMHVnaF8wZl95MHVyX2I0czNsMzU1X2NsNDFtc30=
It looks like this value is encoded. I also think it might be base64 since it seems to be padded out with an equals sign. Let’s throw this into a base64 decoder and see if we can get english out of it.
That worked! We got the flag!
osu{3n0ugh_0f_y0ur_b4s3l355_cl41ms}
Challenge 3
For this last challenge, we were told that the flag might be hiding in another page. Instead of gobustering (a tool which allows you to brute force the most common file and directory names on a website), lets first look at a few files.
- sitemap.xml
According to google, “A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. Search engines like Google read this file to crawl your site more efficiently”. Essentially, a sitemap can help search engines find all the different files and paths within a website without a lot of effort. Let’s see if sitemap.xml can help us by appending “/sitemap.xml” to the website url.
Rats! Let’s try a different way.
- robots.txt
According to google, “A robots.txt file tells search engine crawlers which URLs the crawler can access on your site”. This file can be accessed by typing “/robots.txt” onto the end of the url. Let’s try that and see if we find anything.
Interesting…
Since we are looking for a flag, let’s try /flag first by appending it to teh url.
Rick Rolled…
Now let’s try /other using the same method.
Huh. That’s weird. It loaded a page, but it’s completely blank. Let’s inspect it to see what’s happening.
Wow! There’s the last flag in the paragraph element within the body!
osu{y0u_can_n3v3r_7ru57_y0ur_3y35}
Let this be a lesson to always inspect a page, since you never know what could be lurking there.